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Novell Nsure Identity Manager 2 Administration Guide 


About This Guide 


This guide lists the features that are new in Novell® Nsure™ Identity Manager 2.0.1, as compared 
with Identity Manager 2.0. 


Additional Documentation 


For documentation on using the DirXML drivers, see the Identity Manager Documentation Web 
site (http://www.novell.com/documentation/lg/dirxmldrivers/index.html). 


Documentation Updates 


For the most recent version of this document, see the Identity Manager Documentation Web site 
(http://www.novell.com/documentation/lg/dirxm120/index.html) 


Documentation Conventions 


In this documentation, a greater-than symbol (>) is used to separate actions within a step and items 
within a cross-reference path. 


A trademark symbol @, ™, etc.) denotes a Novell trademark. An asterisk (*) denotes a third-party 
trademark. 


User Comments 


We want to hear your comments and suggestions about this manual and the other documentation 
included with this product. To contact us, send e-mail to proddoc@novell.com. 
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What’s New in Identity Manager 2.0.1? 


This guide lists the features that are new in Novell® Nsure™ Identity Manager 2.0.1, as compared 
with Identity Manager 2.0. 


For general information on the new features in Identity Manager 2.0 as compared with DirxML 
l.la, see “What's New in Identity Manager 2?” in the Novell Nsure Identity Manager 2 
Administration Guide. For information on updates to Identity Manager administration 
documentation, see “Updates” in the Novell Nsure Identity Manager 2 Administration Guide. 


For information on new features and documentation updates for individual drivers, see the driver 
implementation guides (http://www.novell.com/documentation/dirxmldrivers). 


In this section: 
+ “Platform Support” on page 9 
¢ “Installation” on page 10 
+ “Driver Set Overview” on page 10 
+ “Driver Overview” on page 12 
¢ “Driver Configuration: Importing and Exporting” on page 13 
¢ “Driver Configuration: Editing” on page 14 
+ “Driver Properties” on page 14 
+ “Schema Mapping” on page 16 
¢ “Driver Filter” on page 17 
+ “Policy Builder” on page 18 
+ “Referencing External Policies” on page 19 
+ “Rule Builder, Argument Builder, and String Builder” on page 20 
¢ “Versioning Discovery Tool” on page 25 
+ “Password Management” on page 25 


+ “Nsure Audit” on page 25 


Platform Support 


+ AIX®* is supported, specifically AIX 5.2L. 


+ Windows* 2003 is fully supported for the DirXML® engine and the drivers. Previously it was 
supported only as a platform for running drivers with the Remote Loader. 


+ SUSE® LINUX* Enterprise Server 9 is supported. 
+ Linux Red Hat* AS 3.0 is supported. 
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For more information on prerequisites, see “Identity Manager Components and System 
Requirements” in the Novell Nsure Identity Manager 2 Administration Guide. 


For additional information on what the individual drivers support, refer to the driver 
implementation guides (http://www.novell.com/documentation/dirxmldrivers/index.html). 


Installation 


¢ Based on your platform, options that are not supported are dimmed. For example, if you are 
installing on the Windows platform, the NIS driver is dimmed in the list of drivers to install. 


+ When installing DirXML Web Components, the port number automatically changes whether 
you are using SSL or not. On the page where you set up authentication parameters for the Web 
server, if you deselect Use SSL, the Web Server Port changes to match. 


¢ The install program now provides an option for installing a secondary cluster node. For a 
secondary node in a cluster, you use the option to install packages without configuring them. 
See “High Availability” in the Novell Nsure Identity Manager 2 Administration Guide. 


Driver Set Overview 
Some enhancements are visible on the Overview page, accessible in iManager by clicking 
DirXML Management > Overview. 
+ A small icon next to the driver icon indicates the current startup setting for the driver. 
. & Manual 
+ & Automatic 
+ & Disabled 


+ You can go to the driver property pages directly from the Driver Set Overview page. In the 
upper right corner of the driver icon, click the icon that indicates whether the driver is running. 
In the menu that pops up, click Edit Properties, as shown in the following figure. 


Start driver 
Get current status 
Edit properties 


Previously you were required to click the driver icon on the Driver Set Overview page, then 
click the driver icon again on the Driver Overview page. 


+ A button labeled Information lets you view the version number of the DirXML engine and the 
drivers running on each server. See “Versioning Discovery Tool” on page 25. 


¢ For drivers that are set up to run the same driver instance on multiple servers, the following 
enhancements were added: 


+ The Copy Data option lets you copy driver parameters (such as per-replica attributes of 
the driver) from one server to another, by choosing the source and destination server and 
which kinds of parameters to copy. 
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To access this option, click the upper right corner of the driver icon in the Driver Set 
Overview, on the portion of the icon that indicates whether the driver is running. If the 
this driver instance is running on multiple servers, the Copy Data option is listed in the 
popup menu, as shown in the following figure: 


Start driver 
Get current status 


Edit properties i 
Copy data 


eDirectory D a l 


When you click Copy Data, the following page appears, where you can specify the data 
that you want to be copied. 


Z Copy per-replica data - Microsoft Internet Explorer A MLE ci D 


= 15) x| 


& Copy data 


Select the data that you want to copy from one server to another. 
{If the source server does not have the selected data, the data on the 
destination server will be deleted.) 


Select the server to copy from: 

[COMPAG-1 .51. Servers. Novell ~] 
Select the server to copy to: 

[COMPAQ-2.52. Servers. Novell >| 


Select the data that you want to be copied. 
M Global configuration values 
M Named passwords 


M Driver authentication information 
M Driver startup option 
M Driver parameters 


+ Inthe driver property pages, each section that is server-specific lets you click the server 
name to switch between servers. This feature allows you to see how the driver parameters 
are set on each server. 


+ Ifthe server where the driver set is running has a version of the DirXML engine that is out of 
date, a warning is displayed on the Driver Set Overview page. 


For example, if you update the iManager plug-ins before updating the DirXML engine, the 
following warning is displayed: “The version of DirXML on this server is out-of-date. some 
features provided in the interface might not be supported by the version of the DirxML 
Engine on this server.” 


An example is shown in the following figure. 
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Running on server(s): 


> COMPAQ-1.51. Servers. Novell fal 
COMPAQ-2.S2.Servers.Novell [h [x] 


it] The version of DirXW\L on this server is out-of- 
date. Some features provided in the interface might 
not be supported by the version of the DinL 
engine on this server. 


Driver Overview 


¢ As on the Driver Set Overview page, a small icon next to the driver icon indicates the current 
startup setting for the driver. 


. § Manual 
+ &% Automatic 
+ & Disabled 


Between the Subscriber and Publisher channels, a new icon lets you view a list of all the 
policies at once. When you click the icon, a page like the following appears. 


F Yiew All Policies - Microsoft Internet Explorer 


Show All Policies 


The following policies were found for this driver: 
{Click on the image on the left of the policy name to retrieve the list of rules for the policy.) 


a 


DirXML-Driver 


M ES MatchingRule [Ð 


T ES MappingRule 

M SE OutputTransformss 

T ES sample D 
DirXML-Publisher E] 

TC ES PublisherCreateRule > 


TC ES  PublisherPlacementRule [> 


On this page, you can click the name of a policy to view or edit the policy. You can also do 
the following: 


+ i] Add a new policy to the driver 

e D View which policy set or policy sets a policy is in. If the policy is not part of any policy 
set, the icon displayed is D. 

* View the type of policy. For example, = represents a DirXML Script policy, and S= 
represents a style sheet. 
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+ Click the = or = icon to expand the list of rules in that policy. 


¢ View a list of policies that are used by this driver but are actually policy objects held in 
another driver or driver set. The External References heading indicates these policies. 


+ On the property pages for a policy, you can enable or disable individual rules in the policy by 
clicking the icon to toggle the setting. 


+ [E] Indicates it is enabled. 
° Indicates it is disabled. 


Driver Configuration: Importing and Exporting 


¢ Driver configurations can be imported or exported even if the configuration contains 
references to an external policy. 


+ You can import a driver configuration from a file on the local system. Previously you could 
import only driver configurations that were in the correct directory on the iManager web 
server. 


+ The sample driver configurations contain the English text strings that describe the selections 
you make when importing the driver configuration. This means that you can read the import 
prompts in English even if the .xlf file containing the localized strings is not present. 


This change supports the ability to import a driver configuration from a local file. Previously 
both the configuration file and the matching .xlf file were required in the correct directory on 
the iManager server. 


+ The Driver Name prompt is now a required field during the import, so you must specify a 
value before clicking Next. 


¢ The Import Driver Wizard supports conditional prompting to reduce complexity when 
importing a driver configuration. The value you specify at an initial prompt can determine 
whether additional prompts are displayed when you click Next. 


For example, in the sample driver configurations, flexible prompting is used for the Remote 
Loader settings. In in the Driver is Local/Remote prompt, if you specify Local, no additional 
prompts regarding Remote Loader are presented. If you specify Remote, and then click Next, 
additional prompts are displayed for setting up Remote Loader. 


¢ In the Import Driver Wizard, two new policies are provided under the Additional Policies 
heading. These two policies are overlay policies for the DirXML Driver for Lotus* Notes*, 
and they have the following names: 


+ Notes - Move Sample 
+ Notes - Return Email Address 
After you import these policies for a driver, you need to add them to a policy set. 


For more information, see the DirXML Driver for Lotus Notes Implementation Guide (http:// 
www.novell.com/documentation/dirxmldrivers). 


+ When you export a driver configuration, if the same driver instance is running on multiple 
servers, you specify which server holds the configuration you want to export. 
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Driver Configuration: Editing 


In this section: 
+ “Driver Properties” on page 14 
è “Schema Mapping” on page 16 
¢ “Driver Filter” on page 17 
+ “Policy Builder” on page 18 
+ “Referencing External Policies” on page 19 


+ “Referencing External Policies” on page 19 


Driver Properties 


+ The Named Passwords feature is now available as a tab in the driver property book. For 
security, Named Passwords let you remove the actual password from the driver policy and 
instead refer to the password by a name of your choice. 


Previously you could set Named Passwords using only the DirXML Command Line Utility. 
See “Using Named Passwords” in the Novell Nsure Identity Manager 2 Administration Guide. 


¢ The driver parameters interface supports drop-down lists for values, like the functionality 
used to provide you with valid choices when you import a driver. 


For example, in the following figure a drop-down list indicates what the valid choices are for 
SIF Specification Version. 


Modify Object: © SIF 


Driver Parameters 
DXML3. Novell 


Edit XML 


Driver Settings 


SIF Agent Name ®© [Novell Identity Manager 
SIF Specification version ®© [SIF Spec 1.1 7] 

Driver keystore file® 

Driver certificate password ®© 

Authentication level® joz 

Encryption level ® pz 


You can click Edit XML to see how the feature is implemented. 


¢ The interface for both the driver parameters and the global configuration values (GCVs) 
support providing additional information about an item, indicated by the ® icon. The 
following figure shows how this information is displayed when you click the icon. 


14 What's New in Identity Manager 2.0.1? 


Novell iManager - Microsoft Internet Explorer 9/1/04 2:17:12pm sjwjrjejcio | -101 x| 
Modify Object: © SIF 


Server Variables \ General | 


Driver Configuration | Global Config Values | Named Passwords | Engine Control Values | 
Linkage | Log Level | Driver Image | Security Equals | Filter | Edit Filter XML | Misc | 


Driver Parameters 
DXML3. Novell 


Edit XML 


Driver Settings 


Name: authLevel 


Type: enum 
Description: 


Authentication level specifies the security requirements of the communication channel between the 
ZIS and the recipient agents. Authentication level and Encryption level define the minimum level of 
security a data transport channel must provide. See the SIF Specification for more information about 
authentication level. 


You can click Edit XML to see how the feature is implemented. 


¢ The interface for global configuration values (GCVs) supports the following features to help 
organize the GCVs: 


¢ Drop-down lists 


+ Headings 


+ 


Hierarchical lists 
¢ View/hide settings 
+ Browse buttons 


If you click the Global Config Values tab in the sample driver configuration for the DirxXML 
Driver for SIF, you can see extensive use of these new features. 


The following figure shows an example: 
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a Novell iManager - Microsoft Internet Explorer 9/1704 3:25:28pm sjwfjrjelclo] E x| 
Modify Object: © SIF 


OSCE Server Variables \ General \ 


Driver Configuration | Global Config Values | Named Passwords | Engine Control Values | Linkage | 
Log Level | Driver Image | Security Equals | Filter | Edit Filter XML | Misc | Excluded Users | 


Global Configuration Values are a means through which the behavior of a DirxsAL driver configuration can be changed 
without requiring any policy to be changed. 


Global Configuration Values 


For server: DXML3. Novell 


Driver Configuration 
I Search container ON ® | E 
SIF users to manage @ [Students only z] 


Manage preexisting eDirectory users @ 
Send user updates to SIF @ 
Send new users to SIF ® 
O Duplicate user ID handling @ [Add a digit z] 
T student Configuration Parameters @ [View | 
T student user ID format @ [View z] 
[T Part 1 attribute © | Last Name z] 


T Part 1 attribute length © [all z] 


I part 2 attribute @ [First Name z] z 
rf 


You can click Edit XML to see how these features are implemented. 


Schema Mapping 


In the interface for the Schema Mapping Policy, you can click the button labeled eDirectory 
Schema Tools to make changes to the schema. Previously you had to use separate tasks in 
iManager. 


The following figure shows the menu displayed when you click eDirectory Schema Tools. 
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F Novell iManager - Microsoft TS s[ujrjs|c|o] -10l x| 
DirXML Policy: == Mapping Rule E 


DirXML 
DirXML Policy | Edit XML | Usage 


Bj 
Ei 
Driver DN: SIF.Driverset.Novell 
eDirectory Classes 
eDirectory Schema Tools 
Refresh eDirectory Schema 
Add Attribute.. 


Create Attribute.. 
Create Class.. 
Delete Attribute.. 
Delete Class.. 


from server: 


Driver Filter 


¢ The Filter interface provides a shortcut for resetting attributes on the Publisher or Subscriber 
channel; you can specify Reset as the value in the filter. This feature can be used even for 
multi-value attributes. The Reset option is shown in the following figure. 


F Novell iManager - Microsoft Internet Explorer 


Filter: ©) DB2 


DirXML 
Fitter | Edit Filter XML 


Add Class | Add Attribute | Delete | Copy Filter From... | Set Template 


a <D User 
KED Facsimile Telephone Numb Application hama: 
[name 
<> Given Name 
< jpegPhoto 


QÈ Login Disabled Publish: 
© Synchronize 


C Ignore 


<D Password Expiration Time 
QÈ Password Minimum Length Yo Notify 
<D Surname R C Reset 
KEDI Telephone Number 


Subscribe: 
De Synchronize 
Be Ignore 
S% © Notify 
iF C Reset 


ee el el eel 


OK | ___Cancel_ | Apply | 


¢ The Filter interface provides a shortcut for schema mapping of attributes. The preceding 
figure shows an example. The Application Name field lets you specify what the attribute 
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should be mapped to, and a browse button is provided for browsing the schema of the 
connected system if it is available. 


+ When you collapse an attribute list in the left frame, that attribute remains collapsed even after 
you add a new attribute to the Filter. 


Policy Builder 
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The following figure shows an example of the new features that are discussed in this section. 


E] Novell iManager - Microsoft Internet Explorer 


Modify Object: =S PublisherCreateRule 


iT General \ 
DirXML Policy | Edit XML | Linkage | Usage | Associations 


Policy rules describe a policy that is implemented by an ordered set of rules. A rule consists of a set of 
conditions to be tested and an ordered set of actions to be perforrned when the conditions are met. 


Bel Eel [Gi] Append New Rule..| Remove | Save As...| Insert ¥| _ Edit Namespaces... | 


© Policy Rules 


(QC Create Users 


onditions 


2 
@ veto if operation attribute not available("Surname") xl 


OK Cancel Apply 


¢ For easier testing, you can enable or disable individual rules, condition groups, conditions, 
and actions in the policy by clicking the icon to toggle the setting. 


+ [Gl Indicates it is enabled. 
bd Indicates it is disabled. 


¢ You can cut, copy, and paste individual rules. To do so, select the check box for the rule, and 
click the cut, copy, or paste icons: Bel ES [0], 


+ You can delete individual rules by selecting the check box for the rule or rules and clicking 
the Remove button. 


+ You can save the policy to a file on the local system by clicking the Save As button. 


+ You can add another policy inside this policy by using the Insert button. See “Referencing 
External Policies” on page 19. 


¢ You can click the Add Namespace button to use the Namespace Editor. The namespaces you 
add can be saved as cookies, so you can select them later when you are editing. 
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Policy Builder enables you to use multiple XML namespace definitions within your 
XML documents. To define a namespace, specify the namespace prefix in the 
Name field, and the URI in the URI field. Leave the Java extension checkbox 
unchecked, 


You can also access Java classes through XPATH using XML namespace 
definitions, To create a namespace for a Java class, specify the namespace 


prefix in the Name field, the class name in the URI field, and check the Java 
extension checkbox, 
* Required 


H [Append New Namespace | Remove | _Save as Cookie | 
icy Namespaces 


There are no namespaces defined on this policy. 


al 


Referencing External Policies 


There are multiple ways to reference an external policy: 


+ When you add a policy to a driver, you can browse to a policy object anywhere in the tree, and 
create an external reference to it. You can add a policy that exists in a common library or exists 
as a policy object under another driver. The referenced policies are included when you import 
or export the driver configuration. 


If the referenced policy is part of a chain, this method preserves chaining; if the policy has a 
successor in another policy set, the successor is also executed as part of the driver 
configuration. 


+ You can add another policy inside a policy using the Insert button in the Policy Builder. The 
Insert option gives you two choices: 


+ Append a reference to a policy containing DirXML Script. This option does not copy the 
DirXML Script; instead it creates a reference to another policy object. This option results 
in an Include statement displaying the name of the reference policy. You can specify 
whether the policy is referred to by a relative address or an absolute address. 


This method is not affected by chaining, so you can reuse policies in this way without 
regard to what they are chained to. 


Z 1:Include Policy - Microsoft Internet HE MG EAA 


Include Policy 


Include Policy is used to include a reference to a policy 
object containing DirXML Script. 

* Required 
Policy to include:* 


a o ooo 


m Render browsed DN relative to 
PublisherCreateRule.Publisher.DB2.Driverset. Novell 
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¢ Import an XML file containing DirXML Script. This option copies the DirXML Script 
into this policy. 


e] M reign: S|wirRielc| D | 


Import Policy 


Import Policy is used to import DirXxML Script policy from a 
file into the policy abject. The rules from imported policy 
can be appended to the policy or the entire policy can be 
replaced with the imported policy. 

* Required 
@ Append the rules from the imported policy 
C Replace the policy with imported policy 


File containing the DirXML Script policy to import:” 
Browse... 


Rule Builder, Argument Builder, and String Builder 
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¢ The browser windows displayed for the Rule Builder, Argument Builder, and String Builder 


are numbered and are modal. For example, if you are in Rule Builder and open the String 
Builder and Argument Builder, the windows are numbered 1:Rule Builder, 2:String Builder, 
and 3:Argument Builder, as shown in the following figure. 


@ 1:Rule Builder - Microsoft Internet Explorer 
Rule Builder 
Å 2:Named String Builder - Microsoft Internet Explore! 


String Builder 
E] 3:Argument Builder - Microsoft Internet Explorer 


Argument Builder 


Add or remove your components to the expressi 


<= Expression 


Select noun and verb tokens from the right to add 
Expression caption to rearrange or remove them. 


The windows stay in order to help you keep track of where you are in the interface. For 
example, if you click on the 1:Rule Builder window in this example, the other two windows 
are automatically displayed on top. This ordering persists until you close the windows. 


For easier testing, you can enable or disable individual, condition groups, conditions, and 
actions in the policy by clicking the icon to toggle the setting. 


+ [©] Indicates it is enabled. 
d Indicates it is disabled. 


You can cut, copy, and paste condition groups, conditions, and actions within the same wer 

. A . à Mol E A 
or to other policies and other drivers. To do so, click the cut, copy, or paste icons: ÈS) ËE 
beside the item, as shown in the following figure. 
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e] 1:Rule Builder - Microsoft Internet Explorer 972704 11:25:38am Slujrjejcio] -iol x) 
Rule Builder 


® Description: 
[Create Users 


Conditions 
Select condition structure: 


© OR Conditions, AND Groups 
© AND Conditions, OR Groups 


[A Condition Group 1 §3 Ee [A] 


"fesse SS EI 


equal 
case insensitive X 


A 


Actions 
Do [veto if operation attribute not avail JE Eel 
Enter name: [Surname E a 
rf 


¢ Browsing lists such as the list of attributes is easier, because you can type the first few 
characters of the attribute name to cause the alphabetical list to scroll to that section. For 
example, in the following figure, after opening the Class Names list you can type GU to 
quickly scroll to the GUID attribute in the alphabetical list. 


Z 1:Rule Builder - Microsoft Internet Explorer 9/2704 11:38:39am sjwjrjejcio]| -ol x| 
Rule Builder 


® Description: 


[Create Users 


Conditions Class Names (from schema) 
Select condition structure: 


OR Conditions, AND Groups Search: [ O O 


© AND Conditions, OR Groups [Anything] 

Nothing 

AFP Server 
(A Condition Group 1 (3) B= [A] Alias 3 ; 

apchadmnConfiguration 
le] apchadmnConfigurationBlock 
apchadmnModule 
apchadmnServer 
apchadmnvirtualHost 
applicationEntity 
applicationProcess 
[A Condition Group 2 (5) B=! [A] Audit:File Object 
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+ Inthe Rule Builder, an information icon @ is provided to let you add a description for the rule. 
When you click the icon, a Comment Editor is displayed. The comments you add are part of 
the policy and are included when you import or export the policy. 


The following figure shows the Comment Editor. 


Bed ees ee suirfe lecio] -10l xj 


Comment Editor 


¢ Asashortcut in the Rule Builder, you can type a text entry instead of going into the Argument 
Builder. 


+ DirXML Script provides new conditions: 


+ Named password. You can verify whether a Named Password you previously created 
exists in an operation. 


For security, Named Passwords let you remove the actual password from the driver policy 
and instead refer to the password by a name of your choice. See “Using Named 
Passwords” in the Novell Nsure Identity Manager 2 Administration Guide. 


+ Operation property. You can check for the existence of an operation property. 
+ DirXML Script provides new actions: 

+ Operation property. You can set or clear an operation property. 

+ Clone by XPATH expressions. 


+ Trace message. For debug purposes, you can use Policy Builder to create a trace 
message. You can also specify the color for the message text in the trace. 


Previously this functionality was available only in a style sheet. 


+ Generate event. Nsure Audit has been changed to allow for more event data to be passed. 
Event data fields are provided by named string elements. The Nsure Audit event structure 
contains string fields (target, subTarget, text1, text2, text3), integer fields (target-type, 
data-type, value, value3) and one generic data field (data). 


You can now use the generate event action to populate various field elements to pass data 
to Nsure Audit, as shown in the following figure. 
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1:Rule Builder - Microsoft Internet Explorer 9/2/04 2:11:23pm si(wiri[eic|o| _ (oj x| 
Rule Builder 


® Description: 


[Create Users 


Actions 


Do [generate event JE È| aas 
Enter ID [kRequired> 
Select level: [informational z] 
Enter strings: | 
w. 
| E 
— «K | Canet | 


When you click the icon to enter strings E, the String Builder opens and you can click 
Append New String to add additional elements. 


| 2:Named String Builder - Microsoft Internet Explorer 9/2/04 2:32:20pm siwi[r[elc{o] jo) x| 


String Builder 


Event data fields are provided by named string elements, The Nsure Audit event structure contains = 


string fields (target, subTarget, text1, text2, text3), integer fields (target-type, data-type, value, 
value3) and one generic data field (data). The string fields are limited to 256 bytes while the data field 
may contain up to 3KB of information, 

* Required 


Bj Eel) —__Append New string | Remove | 


[| D String value:* | A 


After an element has been added, you can browse to select from a string list. As shown 
in the following figure, the String Names list is much longer (previously only 4 items 
were available). 
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String Builder 


e] 2:Named String Builder - Microsoft Internet Explorer 


972704 2:30:02pm A MAAA A M= x) 


Event data fields are provided by named string elements. The Nsure Audit event structure contains 
string fields (target, subTarget, text1, text2, text3), integer fields (target-type, data-type, value, 
value3) and one generic data field (data). The string fields are limited to 256 bytes while the data 


field may contain up to 3KB of informatiog 


String Names 


Strings 


+ Inthe Argument Builder, when you add elements, nouns, verbs, etc., you can update the 
Expression list using a link at the bottom of the page that says “update the expression panel,” 


as shown in the following figure. 


e] 3:Argument Builder - Microsoft Internet Explorer ‘siwir[elc{[o|_|o) x| 


Argument Builder 


Add or remove your components to the expression area to construct your argument. 


Enter component values under Editor. 


Bupa Aue 
Select noun and verb tokens from the right to add to the 
Expression area, Use the buttons in the Expression 
caption to rearrange or remove them. 


@ Editor * Required 


This is where information about the selected token is 
viewed and edited. 


To ‘view changes, update the expression panel or select /add a 
component, 


& Nouns 


Added Entitlernent 


Escape Source DN a 
Escape Destination DN 
Lower Case xl 


<add | 
? Description eE 


Constant text. 


— œK | Cancel _| 


Previously you had to click OK and then go back into the Argument Builder to update the list. 
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u can cut, copy, and paste expressions and tokens within the Expression list using the icons: 


Yo 
Bd Ea Al, 


Versioning Discovery Tool 
This new tool lets you view the version number of the DirXML engine and the drivers running on 
each server. You can access the tool in two places: 
+ As a separate task in iManager, DirXML Utilities > Versioning Discovery Tool. 


+ On the Overview page for a driver set (DirXML Management > Overview), by clicking the 
Information button. 


To view version information in a text format or save it to a file, click the View or Save As button. 


Keep in mind that you can view version information for a driver only if the driver has previously 
been started on that server. If the driver has not been run, the message displayed is <attribute not 
found>. 


Password Management 


A sample Password Policy, sample Challenge Set, and Notification Configuration templates are 
installed if they are not already present. 


Nsure Audit 


¢ Five sample reports are provided for Nsure Audit: 
+ Objects Added 
+ Objects Modified 
+ Objects Deleted 
¢ Driver Activity 
¢ Driver Status 


+ Nsure Audit has been changed to allow for more event data to be passed. You can now use the 
generate event action to populate various field elements to pass data to Nsure Audit. 


Event data fields are provided by named string elements. The Nsure Audit event structure 
contains string fields (target, subTarget, textl, text2, text3), integer fields (target-type, data- 
type, value, value3) and one generic data field (data). 


To review example figures from Rule Builder, see the item about the generate event action in 
“Rule Builder, Argument Builder, and String Builder” on page 20. 
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Updates 


+ “September 10, 2004” on page 27 


September 10, 2004 


+ More platforms are listed in “Platform Support” on page 9. 
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